11-17-2015
How to disable sudo -i in sudoers file for users?
All,
I need to disable "sudo -i" and "su - " for all servers in our environment, We want to make sure no one run commands or delete files across environment using switching to root account. can you guys please lets me know if this is achievable.
Thanks and Regards
shekar
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I'm trying to create a script to remove users from sudoers on multiple servers. I'm able to do this with a one-line script using sed, but only if it's on one server.
Example: sed '/someuser/d' /host/local/etc/sudoers
Also, I think the problem with this one-line script is that I would have to... (4 Replies)
Discussion started by: em23
4 Replies
2. Solaris
Hi,
on solaris 10, I have two users : user1 and user2
I want to create User_Alias and Cmnd_Alias to allow them to execute a command without prompting for sudo password.
command I want these users should be able to run is '/usr/bin/su - abcd' . Also user1 and 2 need not type the 'abcd'... (6 Replies)
Discussion started by: upengan78
6 Replies
3. Solaris
Hello gurus,
Is there a flag or switch that you can added to sudoers file to always have users type 'sudo' prior to running a command? (5 Replies)
Discussion started by: em23
5 Replies
4. Shell Programming and Scripting
Hi all,
I have to create SSH public key for multiple users.
Iam creating a script in which, through root, I have to switch to multiple accounts to create SSH keys and then transfer it to the respective servers.
First I tried with single user id and everything worked fine.
When I try to sudo... (1 Reply)
Discussion started by: deepakwins
1 Replies
5. Shell Programming and Scripting
Well, sudo is a great tool for delegating permissions among admins. But, it's really hard to find a great tool which would give an interactive way of editing /etc/sudoers file. Now, when I say "editing", I really refer to add new groups, users, aliases in the /etc/sudoers file. visudo is great... (2 Replies)
Discussion started by: admin_xor
2 Replies
6. HP-UX
Dear folks.
Considering PCIDSS standards, i have requirment to use sudo(ers) to log everything a certain user executes with root privileges.
Now, for an admin it's just a pain in the ass to prefix every command with sudo.
Only way i can think of is making .aliases and with some awk magic... (6 Replies)
Discussion started by: Peasant
6 Replies
7. Linux
Hi Unix.com people! :)
My question, I think, it's easy to understand.
I want to configure my sudoers file (/etc/sudoers) in order
to hide automatically, some repetitive and annoying commands
to be listed on auth.log (/var/log/auth.log).
Anyone know something, or know where I can... (0 Replies)
Discussion started by: fefafefa
0 Replies
8. Solaris
Hi all,
how can I disable direct login to a Solaris system not only for root user but also for other accounts?
Looking in google I came to the following:
For telnet (/etc/default/login):
disable root access> CONSOLE=/dev/console
disable generic user> ?
For ssh... (5 Replies)
Discussion started by: Evan
5 Replies
9. Solaris
HI Gurus
can I temporary disable users to connect to Solaris, need help
Regards (3 Replies)
Discussion started by: smazshah
3 Replies
10. Solaris
I'm looking for some suggestions to accomplish what a specific user needs, without adding them to the "sudoers" group. I have X user, that is requesting to be able to change file permissions on items owned by others and search directories where X user doesn't have access. I'm open to any... (2 Replies)
Discussion started by: Nvizn
2 Replies
scl(1) General Commands Manual scl(1)
NAME
scl - Setup and run software from Software Collection environment
SYNOPSIS
scl <action> <collection1> [<collection2> ...] <command>
scl <action> <collection1> [<collection2> ...] -- <command>
scl {-l|--list} [<collection1> <collection2> ...]
DESCRIPTION
This manual page documents scl, a program which is an utility for running software packaged as a Software Collection.
scl utility allows to execute an application which is not located in the filesystem root hierarchy but is present in an alternative loca-
tion. This application can still use and benefit from software installed in the root filesystem. In order to let an application be visible
to the system one has to use scl utility as an interface.
<action> is a script name to execute in a bash environment before the application itself takes in executed. Currently only enable scriptlet
is mandatory which is needed to update search paths, etc.
One can enable more Software Collections if needed and therefore one can use multiple collections which are enabled by the left-right order
as present on scl command-line.
<command> is an arbitrary command or set of commands to execute within the Software Collection environment enabled. Control is returned
back to the caller with the original environment as soon as the command finishes. If <command> is '-' (dash) then it is read from the stan-
dard input.
Note: if you use <command> consisting of multiple arguments, you either need to use quotes or the -- command separator. Everything that
follows the separator will be considered a command or its argument.
Note: some commands modify user environment in some way. Those commands may potentially break SCLs, as their activation also usually
depends on env. modification as well. Typical examples of such commands are su and sudo. Every collection modifies the environment differ-
ently, thus more details may be found in the documentation of the particular collection.
OPTIONS
-l, --list
Lists all installed Software Collections on the system.
-l, --list <collection1> <collection2> ...
If a collection name is specified then list of installed packages belonging to the collection is listed.
EXAMPLES
scl enable example 'less --version'
runs command 'less --version' in the environment with collection 'example' enabled
scl enable foo bar bash
runs bash instance with foo and bar Software Collections enabled
cat my_command | scl enable baz -
run set of commands listed in my_command file in the environment with baz Software Collection enabled
scl -l list all installed collections
scl -l example
list all packages within example collection
AUTHOR
scl was written by Jindrich Novy <jnovy@redhat.com> and Jan Zeleny <jzeleny@redhat.com>
scl(1)